package com.xiangban.yanglaodajie_platform.aop;

import com.xiangban.yanglaodajie_platform.entity.res.ApiResultCode;
import com.xiangban.yanglaodajie_platform.exception.BizException;
import com.xiangban.yanglaodajie_platform.service.UserService;
import com.xiangban.yanglaodajie_platform.utils.RedisUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import static com.xiangban.yanglaodajie_platform.utils.RedisUtil.fex;
import static com.xiangban.yanglaodajie_platform.utils.RedisUtil.fex_shop;


/**
 * @author : manke
 * @Description
 * @Date: 2020/10/31 11:02
 */
@Component
@Slf4j
public class AnnotationParse {
    public final static int flag_no_token = 10001; // 未携带token
    public final static int flag_failed = 10002; // token验证失败
    public final static int flag_no_permission = 10003; //无权限
    public final static int flag_no_voucher = 10004; //未携带有效凭证
    public final static int flag_fail_voucher = 10005; //凭证认证失败
    public final static int pass = 0;
    @Autowired
    private RedisUtil redisUtil;
    @Autowired
    private HttpServletRequest request;
    @Autowired
    private UserService userService;

    public Integer Permission(Method method) {

        if (method.isAnnotationPresent(Permission.class)) {
            //验证token
            String token = request.getHeader("token");
            log.info("自定义获取的token：" + token);
            if (token == null || "".equals(token)) {
                log.info("=====未携带token");
                return flag_no_token;
            }
            //获取controller 携带的权限标识
            String permission = method.getAnnotation(Permission.class).type();
            String[] roles = method.getAnnotation(Permission.class).roles();
            String userInfo;
            if ("".equals(permission)) {
                userInfo = redisUtil.get(fex + token);
                if (userInfo == null || "".equals(userInfo)) {
                    log.info("=====token验证失败");
                    return flag_failed;
                }
                if (!"".equals(roles[0])){
                    isPermission(roles); //判断是否有老师或教务权限

                }

            }
            else if ("shop".equals(permission)) {
                userInfo = redisUtil.get(fex_shop + token);
                if (userInfo == null || "".equals(userInfo)) {
                    log.info("=====token验证失败");
                    return flag_failed;
                }
            } else if ("shop-teacher".equals(permission)) {
                String userInfo1 = redisUtil.get(fex + token);
                String userInfo2 = redisUtil.get(fex_shop + token);
                if (!"".equals(userInfo1)) {
                    isPermission(roles); //判断是否有老师权限

                } else if (!"".equals(userInfo2)) {
                    return pass;

                } else {
                    log.info("=====token验证失败");
                    return flag_failed;
                }


            }


        }

        return pass;
    }

    public void isPermission(String[] roles) {
        String token = request.getHeader("token");
        ArrayList<String> userRoles = userService.getUserRoles(token);
        if (roles.length > 0) {
            boolean flag = false; //无权限
            List<String> arrayRoles = Arrays.asList(roles);
            for (String userRole : userRoles) {
                boolean contains = arrayRoles.contains(userRole);
                if (contains) {
                    flag = true;
                    break;
                }
            }
            if (!flag) {
                throw new BizException(ApiResultCode.NOT_PERMISSION);
            }


        }

    }


}
